<?php

namespace apiend\modules\book\controllers;

use Yii;
use apiend\components\Controller;

/**
 * 商品订单相关接口
 * ProfileController for the `shop` module
 */
class DownloadController extends Controller {

    /**
     * Declares the allowed HTTP verbs.
     * Please refer to [[VerbFilter::actions]] on how to declare the allowed verbs.
     * @return array the allowed HTTP verbs.
     */
    protected function verbs() {
        return [
            '*' => ['POST']
        ];
    }

    /**
     * @inheritdoc
     */
    public function actionIndex() {
        $filename = Yii::$app->request->post('filename');
        $storagePath = Yii::getAlias('@app/runtime/excel');
        // check filename for allowed chars (do not allow ../ to avoid security issue: downloading arbitrary files)
        if (!is_file("$storagePath/$filename")) {
            throw new \yii\web\NotFoundHttpException('The file does not exists.' . "$storagePath/$filename");
        }
        return Yii::$app->response->sendFile("$storagePath/$filename", $filename);
        return Yii::$app->response->sendFile("$storagePath/$filename", $filename, [
            'mimeType' => 'application/octet-stream'
        ]);
    }

}
